Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    URL Redirecting is missing label for branding and warning on redirect

    Scheduled Pinned Locked Moved Cache/Proxy
    19 Posts 3 Posters 1.5k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • JonathanLeeJ
      JonathanLee @JonathanLee
      last edited by

      @jonathanlee keep in mind all urls used are testing urls for learning.

      Make sure to upvote

      johnpozJ 1 Reply Last reply Reply Quote 0
      • johnpozJ
        johnpoz LAYER 8 Global Moderator @JonathanLee
        last edited by

        @jonathanlee that is the normal block page, and it loads because its not https..

        Have fun trying to do with https.. You would have to create a cert for www.cnn.com on the fly, and your browser would have to trust the CA that created it, etc.

        An intelligent man is sometimes forced to be drunk to spend time with his fools
        If you get confused: Listen to the Music Play
        Please don't Chat/PM me for help, unless mod related
        SG-4860 24.11 | Lab VMs 2.8, 24.11

        JonathanLeeJ 1 Reply Last reply Reply Quote 1
        • JonathanLeeJ
          JonathanLee @johnpoz
          last edited by JonathanLee

          @johnpoz I wish we could do a overlay for a redirect. I have to admit redirection and learning about this today was amazing.

          Make sure to upvote

          N 1 Reply Last reply Reply Quote 0
          • N
            netblues @JonathanLee
            last edited by

            @jonathanlee You can block https but you cannot redirect it.
            And adding local trusted ca's on all devices and creating "fake" site certificates on the fly isnt easy.
            And why you need an overlay? A simple landing page is enough (if you have managed to do the redirection)

            JonathanLeeJ 2 Replies Last reply Reply Quote 1
            • JonathanLeeJ
              JonathanLee @netblues
              last edited by

              @netblues thanks for the reply. Do you think they will ever have a browser plugin to act like Burp suite so we could make redirection work correctly? Http works for the messages however https does not. The cookie interaction and SSL issues with the redirection cause most of the issues. With a proxy like Brupe suite you can have the Forward pause and adapt it on the fly with pen testing even regenerate cookies. But for a valid redirect there has to be a way to just auto generate a cancel and a new url reload with the new url. What http header sends the stop? We just need to cancel and refresh with the new URL right? But how can you hit the refresh without a plugin?

              Make sure to upvote

              JonathanLeeJ 1 Reply Last reply Reply Quote 0
              • JonathanLeeJ
                JonathanLee @JonathanLee
                last edited by JonathanLee

                @jonathanlee

                HTTP request methods - http: MDN. HTTP | MDN. (n.d.). Retrieved January 6, 2022, from https://developer.mozilla.org/en-US/docs/Web/HTTP/Methods

                One has to work, I will just have to play with some code next semester if I learn more and test for a while and make it very secure. Goal is to stop the unwanted non approved URL cancel the browser request and after have a new request generated for a new URL and send the new url down. But it would require a approved plugin like Kaspersky uses. You have to control the browser someway. All it is a redirected url with a overlay. Kaspersky antivirus uses browser extensions even Chrome approved ones that install SSL certificates on the fly for use with the software based IDS and antivirus software. I would feel more comfortable with such extensions installed on the firewall.

                General articles: Answers to frequently asked questions. How to enable the Kaspersky Protection extension in Google Chrome, Mozilla Firefox and Microsoft Edge based on Chromium. (n.d.). Retrieved January 6, 2022, from https://support.kaspersky.com/common/start/12782

                Make sure to upvote

                N 1 Reply Last reply Reply Quote 0
                • N
                  netblues @JonathanLee
                  last edited by

                  @jonathanlee Creating and maintaining a plugin that works on many browsers and devices isn't something easy.
                  It does require a team of devs and testers and a way to finance it.
                  Kaspersky is a multimilion dollar security software company with many subject matter experts.
                  If it was easier they wouldn't have opted for a plugin, to begin with.

                  JonathanLeeJ 1 Reply Last reply Reply Quote 0
                  • JonathanLeeJ
                    JonathanLee @netblues
                    last edited by

                    @netblues
                    One can say . .
                    A community is always be stronger than abuses brought by the few.

                    I got the http redirect to work however for the blocked https I am still working on that I want it to go to the official blocked page like this. see image below

                    Screen Shot 2022-01-06 at 8.17.09 AM.png

                    This only works when I go to http://zoo.com
                    if I try https://zoo.com this occurs

                    Screen Shot 2022-01-06 at 8.18.01 AM.png

                    I am missing a setting or something. I just get a error page

                    Make sure to upvote

                    1 Reply Last reply Reply Quote 0
                    • JonathanLeeJ
                      JonathanLee @netblues
                      last edited by

                      @netblues Even with the landing pad it gives an error for me currently only http works.

                      Make sure to upvote

                      johnpozJ 1 Reply Last reply Reply Quote 0
                      • johnpozJ
                        johnpoz LAYER 8 Global Moderator @JonathanLee
                        last edited by

                        @jonathanlee I would suggest you go through the hangout by jimp

                        Youtube Video

                        While its a bit dated now with 2.5 and 2.6 around the corner.. I am not aware of any sort of major changes.. And for sure this hangout goes over the different options of doing https proxy.

                        An intelligent man is sometimes forced to be drunk to spend time with his fools
                        If you get confused: Listen to the Music Play
                        Please don't Chat/PM me for help, unless mod related
                        SG-4860 24.11 | Lab VMs 2.8, 24.11

                        1 Reply Last reply Reply Quote 1
                        • First post
                          Last post
                        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.